1.3.29

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 1.3.29 Changelog

SECURITY: CVE-2003-0542 (cve.mitre.org)
Fix buffer overflows in mod_alias and mod_rewrite which occurred if
one configured a regular expression with more than 9 captures.
[Andr? Malo]

Within ap_bclose(), ap_pclosesocket() is now called consistently
for sockets and ap_pclosef() for files. Also, closesocket()
is used consistenly to close socket fd's. The previous
confusion between socket and file fd's would cause problems
with some applications now that we proactively close fd's to
prevent leakage. PR 22805
[Radu Greab , Jim Jagielski]
If a request fails and the client will be redirected to another URL
due to ErrorDocument, see if we need to drop the connection after
sending the 302 response. This fixes a problem where Apache treated
the body of the failed request as the next request on a keepalive
connection. The subsequent 501 error sent to the browser prevented
some browsers from fetching the error document. [Jeff Trawick]

Enabled RFC1413 ident functionality for both Win32 and
NetWare platforms. This also included an alternate thread safe
implementation of the socket timout functionality when querying
the identd daemon.
[Brad Nicholes, William Rowe]
Prevent creation of subprocess Zombies when using CGI wrappers
such as suExec and cgiwrap. PR 21737. [Numerous]